Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12D33E3ECD7011EFB5F6C080762E951A.roa
File: 12D33E3ECD7011EFB5F6C080762E951A.roa (raw, json)
Hash identifier: aUyWLNsQQ3eALNvtVVKIDxVKyX6lXZznaxYv7LOXJHI=
Subject key identifier: 4D:54:EC:73:4C:29:A7:6F:55:AF:A2:BD:4E:A2:0A:1C:3B:1C:10:BA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF83
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12D33E3ECD7011EFB5F6C080762E951A.roa
Signing time: Wed 08 Jan 2025 03:24:31 +0000
ROA not before: Wed 08 Jan 2025 03:24:27 +0000
ROA not after: Mon 13 Dec 2027 03:24:27 +0000
asID: 17561
IP address blocks: 156.248.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65411 (0xff83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:24:27 2025 GMT
Not After : Dec 13 03:24:27 2027 GMT
Subject: CN=677defef-af70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:42:c2:a3:6f:ed:ea:90:2b:2d:a9:90:93:5d:
04:8f:6d:c2:29:b4:36:46:7a:64:be:dc:02:eb:73:
0f:b8:da:5c:8d:fe:bd:78:6d:36:1e:41:42:dc:d6:
5f:fb:6e:8f:0a:8b:59:24:ad:4c:bb:07:f1:1a:69:
de:80:39:d1:66:31:d5:92:9d:bb:e1:8b:b8:9a:93:
ce:f7:47:ca:79:f6:76:1b:6b:f7:ba:d0:9b:41:a4:
5b:c8:20:ac:8e:b8:de:d9:d9:f1:6b:2b:0b:4b:7b:
4b:ac:1f:f0:9f:a5:b0:2a:b6:18:1c:7e:8e:a1:36:
cc:df:b5:2a:43:b2:37:78:42:27:fb:0f:83:f3:d8:
01:11:cf:05:17:a7:af:1c:8f:4c:71:75:14:f0:ef:
ea:fb:d9:72:cd:7d:ec:5d:d1:32:1f:37:af:b3:eb:
44:ba:48:e2:3b:18:2f:54:26:17:53:a0:8d:be:9e:
d8:c6:24:e2:a9:4e:94:e2:6c:37:17:3f:43:0f:e8:
73:ca:a1:75:46:de:a2:46:ed:bf:53:19:31:81:af:
b7:2f:fd:5b:40:17:36:a8:9c:b1:84:fb:f7:ce:98:
d2:78:9a:e6:6c:fd:87:e9:62:dc:71:08:aa:8c:50:
8d:b2:83:a9:45:f6:5c:42:bc:50:64:6f:a9:2d:63:
93:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:54:EC:73:4C:29:A7:6F:55:AF:A2:BD:4E:A2:0A:1C:3B:1C:10:BA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12D33E3ECD7011EFB5F6C080762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.27.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:ac:f6:5e:f9:b7:49:6c:d2:06:5d:8e:e6:45:d0:36:98:9f:
17:97:7d:e2:e0:ba:86:78:c8:f0:fd:38:e8:82:83:f1:47:55:
bb:ed:fc:34:e9:e9:72:62:c4:b7:67:db:ea:5f:e7:4d:1e:17:
72:1c:e6:2a:9e:06:93:1a:63:ab:9a:da:3b:fd:66:c0:eb:e6:
10:46:fb:da:c9:7a:c1:ac:f0:f4:c2:86:99:20:44:42:71:15:
6e:27:6f:b2:0f:71:ac:09:70:59:23:3b:e9:f6:27:42:f7:46:
7e:bd:4f:cf:9c:0b:59:80:27:ce:84:d6:ed:03:82:fe:7a:48:
ed:5d:74:f4:a4:e2:60:a5:8d:bf:a0:1f:c2:7d:85:a7:ef:4d:
32:e9:c6:d7:cd:f1:f3:48:90:59:e0:6b:9d:15:d1:97:fa:54:
dc:90:bf:31:ea:a1:d0:54:1e:39:75:36:24:ec:f9:15:42:e8:
6d:89:a0:e4:34:af:79:c4:dd:3e:ac:9f:a5:6b:52:e6:af:94:
94:da:3c:62:dd:af:f7:08:64:ca:53:c5:13:90:d5:b1:42:20:
d7:ec:30:08:87:69:42:a6:eb:6c:58:7c:b6:f7:6a:b6:be:ad:
35:a4:02:74:a0:13:be:7a:f4:d8:7e:70:27:fd:ea:06:cd:9d:
40:5f:84:3c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDMyNDI3WhcNMjcxMjEzMDMyNDI3WjAYMRYw
FAYDVQQDEw02NzdkZWZlZi1hZjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr0LCo2/t6pArLamQk10Ej23CKbQ2RnpkvtwC63MPuNpcjf69eG02HkFC
3NZf+26PCotZJK1MuwfxGmnegDnRZjHVkp274Yu4mpPO90fKefZ2G2v3utCbQaRb
yCCsjrje2dnxaysLS3tLrB/wn6WwKrYYHH6OoTbM37UqQ7I3eEIn+w+D89gBEc8F
F6evHI9McXUU8O/q+9lyzX3sXdEyHzevs+tEukjiOxgvVCYXU6CNvp7YxiTiqU6U
4mw3Fz9DD+hzyqF1Rt6iRu2/Uxkxga+3L/1bQBc2qJyxhPv3zpjSeJrmbP2H6WLc
cQiqjFCNsoOpRfZcQrxQZG+pLWOTAQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE1U
7HNMKadvVa+ivU6iChw7HBC6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMkQzM0UzRUNENzAxMUVGQjVGNkMwODA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPgbMA0GCSqGSIb3DQEBCwUA
A4IBAQC8rPZe+bdJbNIGXY7mRdA2mJ8Xl33i4LqGeMjw/TjogoPxR1W77fw06ely
YsS3Z9vqX+dNHhdyHOYqngaTGmOrmto7/WbA6+YQRvvayXrBrPD0woaZIERCcRVu
J2+yD3GsCXBZIzvp9idC90Z+vU/PnAtZgCfOhNbtA4L+ekjtXXT0pOJgpY2/oB/C
fYWn700y6cbXzfHzSJBZ4GudFdGX+lTckL8x6qHQVB45dTYk7PkVQuhtiaDkNK95
xN0+rJ+la1Lmr5SU2jxi3a/3CGTKU8UTkNWxQiDX7DAIh2lCputsWHy292q2vq01
pAJ0oBO+evTYfnAn/eoGzZ1AX4Q8
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:34 2025 by rpki-client